当前位置: 首页 > wzjs >正文

iis网站权限配置外贸平台排名

wzjs 2025/8/16 3:04:01
iis网站权限配置,外贸平台排名,别人给公司做的网站字体侵权吗,校园网站建设方案书实验拓扑 实验需求: 1、SW3的流量 正常情况下:SW1_VRF–>FW1—>SW1_Public—>R5 故障情况下:SW2_VRF–>FW2—>SW2_Public—>R6 2、SW4的流量 正常情况下:SW2_VRF–>FW2—>SW2_Public—>R6 故障情况下&…
  • 实验拓扑
    在这里插入图片描述
  • 实验需求:
    1、SW3的流量
    正常情况下:SW1_VRF–>FW1—>SW1_Public—>R5
    故障情况下:SW2_VRF–>FW2—>SW2_Public—>R6
    2、SW4的流量
    正常情况下:SW2_VRF–>FW2—>SW2_Public—>R6
    故障情况下:SW1_VRF–>FW1—>SW1_Public—>R5
    3、交换网络负载均衡

一. 实验配置
二层交换机配置
在这里插入图片描述
在这里插入图片描述

配置命令

[lsw3-GigabitEthernet0/0/3]dis th
interface GigabitEthernet0/0/3port link-type trunkport trunk allow-pass vlan 2 to 3[lsw3-GigabitEthernet0/0/4]dis th
interface GigabitEthernet0/0/4port link-type trunkport trunk allow-pass vlan 2 to 3[lsw3]stp enable
[lsw3]stp mode mstp
[lsw3]stp region-configuration 
[lsw3-mst-region]region-name aa
[lsw3-mst-region]instance 1 vlan 2
[lsw3-mst-region]instance 2 vlan 3
[lsw3-mst-region]active region-configuration 
[lsw3]stp instance 1 root primary 
[lsw3]stp instance 2 root secondary 
[lsw3]stp instance 0 root primary [lsw3-Vlanif2]dis th   #vlanif2配置
#
interface Vlanif2ip address 192.168.2.1 255.255.255.0vrrp vrid 1 virtual-ip 192.168.2.254vrrp vrid 1 priority 120vrrp vrid 1 preempt-mode timer delay 20vrrp vrid 1 track interface GigabitEthernet0/0/1 reduced 15vrrp vrid 1 track interface GigabitEthernet0/0/2 reduced 15
#
[lsw3-Vlanif3]dis th
#
interface Vlanif3ip address 192.168.3.1 255.255.255.0vrrp vrid 1 virtual-ip 192.168.3.254
#[lsw4-GigabitEthernet0/0/3]dis th
#
interface GigabitEthernet0/0/3port link-type trunkport trunk allow-pass vlan 2 to 3
#
[lsw4-GigabitEthernet0/0/4]dis th
#
interface GigabitEthernet0/0/4port link-type trunkport trunk allow-pass vlan 2 to 3
#
[lsw4]stp region-configuration 
[lsw4-mst-region]region-name aa
[lsw4-mst-region]instance 1 vlan 2
[lsw4-mst-region]instance 2 vlan 3
[lsw4-mst-region]active region-configuration 
[lsw4]stp instance 1 root secondary 
[lsw4]stp instance 2 root secondary
[lsw4]stp instance 0 root secondary
[lsw4-Vlanif2]dis th
#
interface Vlanif2ip address 192.168.2.2 255.255.255.0vrrp vrid 1 virtual-ip 192.168.2.254
#
[lsw4-Vlanif3]dis th
#
interface Vlanif3ip address 192.168.3.2 255.255.255.0vrrp vrid 1 virtual-ip 192.168.3.254vrrp vrid 1 priority 120vrrp vrid 1 preempt-mode timer delay 20vrrp vrid 1 track interface GigabitEthernet0/0/1 reduced 15vrrp vrid 1 track interface GigabitEthernet0/0/2 reduced 15
#[lsw5-GigabitEthernet0/0/1]dis th 
#
interface GigabitEthernet0/0/1port link-type trunkport trunk allow-pass vlan 2 to 3
#
[lsw5-GigabitEthernet0/0/2]dis th
#
interface GigabitEthernet0/0/2port link-type trunkport trunk allow-pass vlan 2 to 3
#
[lsw5]stp mode mstp 	
[lsw5]stp enable 
[lsw5]stp region-configuration 
[lsw5-mst-region]region-name aa
[lsw5-mst-region]instance 1 vlan 2
[lsw5-mst-region]instance 2 vlan 3
[lsw5-mst-region]active region-configuration

测试
在这里插入图片描述

汇聚到核心层路由配置
在这里插入图片描述
lsw3

[lsw3-GigabitEthernet0/0/1]port link-type access 
[lsw3-GigabitEthernet0/0/1]port default vlan 103
[lsw3-GigabitEthernet0/0/1]undo stp enable 
[lsw3-GigabitEthernet0/0/1]int g 0/0/2
[lsw3-GigabitEthernet0/0/2]port link-type access 
[lsw3-GigabitEthernet0/0/2]port default vlan 203
[lsw3-GigabitEthernet0/0/2]undo stp ena	
[lsw3-GigabitEthernet0/0/2]undo stp enable [lsw3]interface vlanif 103
[lsw3-Vlanif103]ip address 10.10.3.3 24
[lsw3-Vlanif103]q
[lsw3]interface vlanif 203
[lsw3-Vlanif203]ip address 10.20.3.3 24[lsw3]ospf 1 router-id 3.3.3.3 
[lsw3-ospf-1]area 0
[lsw3-ospf-1-area-0.0.0.0]network  10.10.3.3 0.0.0.0
[lsw3-ospf-1-area-0.0.0.0]network 10.20.3.3 0.0.0.0
[lsw3-ospf-1-area-0.0.0.0]network 192.168.2.1 0.0.0.0
[lsw3-ospf-1-area-0.0.0.0]network 192.168.3.1 0.0.0.0
[lsw3-ospf-1]silent-interface Vlanif 2
[lsw3-ospf-1]silent-interface Vlanif 3

lsw4

[lsw4]vlan batch 104 204
[lsw4]int g 0/0/1
[lsw4-GigabitEthernet0/0/1]port link-type access 
[lsw4-GigabitEthernet0/0/1]port default vlan 204
[lsw4-GigabitEthernet0/0/1]q
[lsw4]int g 0/0/2
[lsw4-GigabitEthernet0/0/2]port link-type access 
[lsw4-GigabitEthernet0/0/2]port default vlan 104
[lsw4-GigabitEthernet0/0/2]q
[lsw4]int g 0/0/1
[lsw4-GigabitEthernet0/0/1]undo stp en	
[lsw4-GigabitEthernet0/0/1]undo stp enable 
[lsw4-GigabitEthernet0/0/1]int g 0/0/2
[lsw4-GigabitEthernet0/0/2]undo stp enable[lsw4]interface vlanif 104
[lsw4-Vlanif104]ip address 10.10.4.4 24
[lsw4-Vlanif104]q
[lsw4]interface vlanif 204
[lsw4-Vlanif204]ip address 10.20.4.4 24[lsw4]ospf 1 router-id 4.4.4.4
[lsw4-ospf-1]area 0
[lsw4-ospf-1-area-0.0.0.0]network 10.10.4.4 0.0.0.0
[lsw4-ospf-1-area-0.0.0.0]network 10.20.4.4 0.0.0.0
[lsw4-ospf-1-area-0.0.0.0]network 192.168.2.2 0.0.0.0
[lsw4-ospf-1-area-0.0.0.0]network 192.168.3.2 0.0.0.0
[lsw4-ospf-1]silent-interface Vlanif 2
[lsw4-ospf-1]silent-interface Vlanif

创建VRF空间并配置VRF信息

[lsw1]ip vpn-instance VRF    
[lsw1-vpn-instance-VRF]route-distinguisher 100:1 
[lsw1-vpn-instance-VRF-af-ipv4]vpn-target 100:1 both  
[lsw2]ip vpn-instance VRF
[lsw2-vpn-instance-VRF]route-distinguisher 100:1	
[lsw2-vpn-instance-VRF-af-ipv4]vpn-target 100:1 both

配置vlan信息

lsw1

[lsw1]vlan batch 102 103 104
[lsw1]interface GigabitEthernet 0/0/6
[lsw1-GigabitEthernet0/0/6]port link-type access 
[lsw1-GigabitEthernet0/0/6]port default vlan 103	
[lsw1-GigabitEthernet0/0/6]undo stp enable[lsw1]interface GigabitEthernet 0/0/5
[lsw1-GigabitEthernet0/0/5]port link-type trunk 
[lsw1-GigabitEthernet0/0/5]undo port trunk allow-pass vlan 1
[lsw1-GigabitEthernet0/0/5]port trunk allow-pass vlan 102
[lsw1-GigabitEthernet0/0/5]undo stp enable[lsw1]interface GigabitEthernet 0/0/7
[lsw1-GigabitEthernet0/0/7]port link-type access 
[lsw1-GigabitEthernet0/0/7]port default vlan 104
[lsw1-GigabitEthernet0/0/7]undo stp enable

lsw2

[lsw2]vlan batch 102 203 204
[lsw2]interface GigabitEthernet 0/0/6
[lsw2-GigabitEthernet0/0/6]port link-type access 	
[lsw2-GigabitEthernet0/0/6]port default vlan 204
[lsw2-GigabitEthernet0/0/6]undo stp enable[lsw2]interface GigabitEthernet 0/0/7
[lsw2-GigabitEthernet0/0/7]port link-type access 
[lsw2-GigabitEthernet0/0/7]port default vlan 203
[lsw2-GigabitEthernet0/0/7]undo stp enable [lsw2]interface GigabitEthernet 0/0/5
[lsw2-GigabitEthernet0/0/5]port link-type trunk 
[lsw2-GigabitEthernet0/0/5]port trunk allow-pass vlan 102
[lsw2-GigabitEthernet0/0/5]undo port trunk allow-pass vlan 1
[lsw2-GigabitEthernet0/0/5]undo stp enable

创建Vlanif接口,并将接口划入VRF空间

lsw1

[lsw1]interface Vlanif 102
[lsw1-Vlanif102]ip binding vpn-instance VRF 
[lsw1-Vlanif102]ip address 10.10.2.1 24[lsw1]interface Vlanif 103
[lsw1-Vlanif103]ip binding vpn-instance VRF
[lsw1-Vlanif103]ip add 10.10.3.1 24[lsw1]interface Vlanif 104
[lsw1-Vlanif104]ip binding vpn-instance VRF
[lsw1-Vlanif104]ip add 10.10.4.1 24

lsw2

[lsw2]interface Vlanif 102
[lsw2-Vlanif102]ip binding vpn-instance VRF
[lsw2-Vlanif102]ip address 10.10.2.2 24[lsw2]interface Vlanif 203
[lsw2-Vlanif203]ip binding vpn-instance VRF
[lsw2-Vlanif203]ip address 10.20.3.2 24[lsw2]interface Vlanif 204
[lsw2-Vlanif204]ip binding vpn-instance VRF
[lsw2-Vlanif204]ip add 10.20.4.2 24

配置VRF空间的OSPF

[lsw1]ospf 1 router-id 1.1.1.1 vpn-instance VRF
[lsw1-ospf-1]area 0
[lsw1-ospf-1-area-0.0.0.0]network 10.10.2.1 0.0.0.0
[lsw1-ospf-1-area-0.0.0.0]network 10.10.3.1 0.0.0.0
[lsw1-ospf-1-area-0.0.0.0]network 10.10.4.1 0.0.0.0
[lsw1-ospf-1]default-route-advertise[lsw2]ospf 1 router-id 2.2.2.2 vpn-instance VRF	
[lsw2-ospf-1]area 0
[lsw2-ospf-1-area-0.0.0.0]network 10.10.2.2 0.0.0.0
[lsw2-ospf-1-area-0.0.0.0]network 10.20.3.2 0.0.0.0
[lsw2-ospf-1-area-0.0.0.0]network 10.20.4.2 0.0.0.0
[lsw2-ospf-1]default-route-advertise

路由策略规划
在这里插入图片描述

[lsw3]interface Vlanif 203
[lsw3-Vlanif203]ospf cost 5[lsw4]interface Vlanif 104
[lsw4-Vlanif104]ospf cost 5

路由策略配置

[lsw3-ospf-1-area-0.0.0.0]undo network 192.168.2.1 0.0.0.0
[lsw3-ospf-1-area-0.0.0.0]undo network 192.168.3.1 0.0.0.0
[lsw4-ospf-1-area-0.0.0.0]undo network 192.168.2.2 0.0.0.0
[lsw4-ospf-1-area-0.0.0.0]undo network 192.168.3.2 0.0.0.0[lsw3]ip ip-prefix aa permit 192.168.2.0 24
[lsw3]ip ip-prefix bb permit 192.168.3.0 24
[lsw3]route-policy bb permit node 10
[lsw3-route-policy]if-match ip-prefix bb
[lsw3-route-policy]apply cost 5
[lsw3]route-policy bb permit node 20
[lsw3-route-policy]if-match ip-prefix aa
[lsw3]ospf 1	
[lsw3-ospf-1]import-route direct route-policy bb[lsw4]ip ip-prefix aa permit 192.168.2.0 24
[lsw4]ip ip-prefix bb permit 192.168.3.0 24
[lsw4]route-policy aa permit node 10
[lsw4-route-policy]if-match ip-prefix aa
[lsw4-route-policy]apply cost 5
[lsw4]route-policy aa permit node 20
[lsw4-route-policy]if-match ip-prefix bb
[lsw4]ospf 1
[lsw4-ospf-1]import-route direct route-policy aa

查看更改后的VRF空间路由
在这里插入图片描述

在这里插入图片描述
VRF区域配置

lsw1

[lsw1]vlan batch 401 402
[lsw1]interface GigabitEthernet 0/0/2
[lsw1-GigabitEthernet0/0/2]port link-type trunk 	
[lsw1-GigabitEthernet0/0/2]port trunk allow-pass vlan 401 402
[lsw1]interface GigabitEthernet 0/0/4
[lsw1-GigabitEthernet0/0/4]port link-type trunk 
[lsw1-GigabitEthernet0/0/4]port trunk allow-pass vlan 401 402[lsw1]interface Vlanif 401
[lsw1-Vlanif401]ip binding vpn-instance VRF
[lsw1-Vlanif401]ip address 10.40.1.1 24
[lsw1-Vlanif401]vrrp vrid 1 virtual-ip 10.40.1.100
[lsw1-Vlanif401]vrrp vrid 1 priority 120
[lsw1-Vlanif401]vrrp vrid 1 preempt-mode timer delay 60
[lsw1-Vlanif401]vrrp vrid 1 track interface GigabitEthernet 0/0/2 reduced 30[lsw1]interface Vlanif 402
[lsw1-Vlanif402]ip binding vpn-instance VRF
[lsw1-Vlanif402]ip address 10.40.2.1 24
[lsw1-Vlanif402]vrrp vrid 2 virtual-ip 10.40.2.100

lsw2

[lsw2]vlan batch 401 402
[lsw2]interface GigabitEthernet 0/0/3
[lsw2-GigabitEthernet0/0/3]port link-type trunk 
[lsw2-GigabitEthernet0/0/3]port trunk allow-pass vlan 401 402
[lsw2]interface GigabitEthernet 0/0/5
[lsw2-GigabitEthernet0/0/5]port link-type trunk 
[lsw2-GigabitEthernet0/0/5]port trunk allow-pass vlan 401 402[lsw2]interface Vlanif 401
[lsw2-Vlanif401]ip binding vpn-instance VRF
[lsw2-Vlanif401]ip address 10.40.1.2 24
[lsw2-Vlanif401]vrrp vrid 1 virtual-ip 10.40.1.100[lsw2]interface Vlanif 402
[lsw2-Vlanif402]ip binding vpn-instance VRF
[lsw2-Vlanif402]ip address 10.40.2.2 24
[lsw2-Vlanif402]vrrp vrid 2 virtual-ip 10.40.2.100
[lsw2-Vlanif402]vrrp vrid 2 priority 120
[lsw2-Vlanif402]vrrp vrid 2 preempt-mode timer delay 60
[lsw2-Vlanif402]vrrp vrid 2 track interface GigabitEthernet 0/0/3 reduced 30

FW1

[FW1]vlan batch 401 402 403 404
[FW1]interface GigabitEthernet 1/0/0
[FW1-GigabitEthernet1/0/0]ip add 10.10.10.1 30[FW1]interface GigabitEthernet 1/0/2.401
[FW1-GigabitEthernet1/0/2.401]ip add 10.40.1.10 24
[FW1-GigabitEthernet1/0/2.401]vlan-type dot1q 401[FW1]interface GigabitEthernet 1/0/2.402
[FW1-GigabitEthernet1/0/2.402]ip address 10.40.2.10 24
[FW1-GigabitEthernet1/0/2.402]vlan-type dot1q 402[FW1]interface GigabitEthernet 1/0/3.403
[FW1-GigabitEthernet1/0/3.403]ip address 10.40.3.10 24
[FW1-GigabitEthernet1/0/3.403]vlan-type dot1q 403[FW1]interface GigabitEthernet 1/0/3.404
[FW1-GigabitEthernet1/0/3.404]ip add 10.40.4.10 24
[FW1-GigabitEthernet1/0/3.404]vlan-type dot1q 404

FW2

[FW2]vlan batch 401 402 403 404
[FW2]interface GigabitEthernet 1/0/0
[FW2-GigabitEthernet1/0/0]ip add 10.10.10.2 30[FW2]interface GigabitEthernet 1/0/2.401
[FW2-GigabitEthernet1/0/2.401]ip address 10.40.1.20 24
[FW2-GigabitEthernet1/0/2.401]vlan-type dot1q 401[FW2]interface GigabitEthernet 1/0/2.402
[FW2-GigabitEthernet1/0/2.402]ip add 10.40.2.20 24
[FW2-GigabitEthernet1/0/2.402]vlan-type dot1q 402[FW2]interface GigabitEthernet 1/0/1.403
[FW2-GigabitEthernet1/0/1.403]ip add 10.40.3.20 24
[FW2-GigabitEthernet1/0/1.403]vlan-type dot1q 403[FW2]interface GigabitEthernet 1/0/1.404
[FW2-GigabitEthernet1/0/1.404]ip add 10.40.4.20 24
[FW2-GigabitEthernet1/0/1.404]vlan-type dot1q 404

安全区域划分

FW1

[FW1]firewall zone trust 
[FW1-zone-trust]add interface GigabitEthernet 1/0/1.401
[FW1-zone-trust]add interface GigabitEthernet 1/0/1.402[FW1]firewall zone untrust 
[FW1-zone-untrust]add interface GigabitEthernet 1/0/3.403
[FW1-zone-untrust]add interface GigabitEthernet 1/0/3.404[FW1]firewall zone dmz 
[FW1-zone-dmz]add interface GigabitEthernet 1/0/0

FW2

[FW2]firewall zone trust 
[FW2-zone-trust]add interface GigabitEthernet 1/0/2.401
[FW2-zone-trust]add interface GigabitEthernet 1/0/2.402[FW2]firewall zone untrust 
[FW2-zone-untrust]add interface GigabitEthernet 1/0/1.403
[FW2-zone-untrust]add interface GigabitEthernet 1/0/1.404[FW2]firewall zone dmz 
[FW2-zone-dmz]add interface GigabitEthernet 1/0/0

防火墙双机热备配置

FW1

[FW1]interface GigabitEthernet 1/0/2.401
[FW1-GigabitEthernet1/0/2.401]vrrp vrid 5 virtual-ip 10.40.1.200 active 
[FW1]interface GigabitEthernet 1/0/2.402
[FW1-GigabitEthernet1/0/2.402]vrrp vrid 6 virtual-ip 10.40.2.200 standby [FW1]interface GigabitEthernet 1/0/3.403
[FW1-GigabitEthernet1/0/3.403]vrrp vrid 7 virtual-ip 10.40.3.200 active 
[FW1]interface GigabitEthernet 1/0/3.404
[FW1-GigabitEthernet1/0/3.404]vrrp vrid 8 virtual-ip 10.40.4.200 standby [FW1]hrp mirror session enable 
[FW1]hrp interface GigabitEthernet 1/0/0 remote 10.10.10.2 
[FW1]hrp enableHRP_S[FW1]ip route-static 0.0.0.0 0 10.40.3.100	
HRP_S[FW1]ip route-static 0.0.0.0 0 10.40.4.100 preference 70HRP_M[FW1]ip route-static 192.168.0.0 16 10.40.1.100
HRP_M[FW1]ip route-static 192.168.0.0 16 10.40.2.100 preference 70

FW2

[FW2]interface GigabitEthernet 1/0/2.401
[FW2-GigabitEthernet1/0/2.401]vrrp vrid 5 virtual-ip 10.40.1.200 standby 
[FW2]interface GigabitEthernet 1/0/2.402
[FW2-GigabitEthernet1/0/2.402]vrrp vrid 6 virtual-ip 10.40.2.200 active [FW2]interface GigabitEthernet 1/0/3.403
[FW2-GigabitEthernet1/0/3.403]vrrp vrid 7 virtual-ip 10.40.3.200 standby 
[FW2]interface GigabitEthernet 1/0/3.404
[FW2-GigabitEthernet1/0/3.404]vrrp vrid 8 virtual-ip 10.40.4.200 active [FW2]hrp mirror session enable
[FW2]hrp interface GigabitEthernet 1/0/0 remote 10.10.10.1
[FW2]hrp enableHRP_S[FW2]ip route-static 0.0.0.0 0 10.40.4.100
HRP_S[FW2]ip route-static 0.0.0.0 0 10.40.3.100 preference 70HRP_S[FW2]ip route-static 192.168.0.0 16 10.40.2.100
HRP_S[FW2]ip route-static 192.168.0.0 16 10.40.1.100 preference 70

安全策略配置

HRP_M[FW1]security-policy  (+B)
HRP_M[FW1-policy-security]rule name trust_to_untrust (+B)
HRP_M[FW1-policy-security-rule-trust_to_untrust]source-zone trust  (+B)
HRP_M[FW1-policy-security-rule-trust_to_untrust]destination-zone untrust  (+B)
HRP_M[FW1-policy-security-rule-trust_to_untrust]source-address 192.168.0.0 16 (+B)
HRP_M[FW1-policy-security-rule-trust_to_untrust]action permit  (+B)

SW1、SW2的Public区域配置

[lsw1]vlan batch 403 404
[lsw1]interface GigabitEthernet 0/0/1
[lsw1-GigabitEthernet0/0/1]port link-type trunk 
[lsw1-GigabitEthernet0/0/1]port trunk allow-pass vlan 403 404
[lsw1]interface GigabitEthernet 0/0/2
[lsw1-GigabitEthernet0/0/2]port link-type trunk 
[lsw1-GigabitEthernet0/0/2]port trunk allow-pass vlan 403 404
[lsw1]interface Vlanif 403
[lsw1-Vlanif403]ip address 10.40.3.1 24
[lsw1-Vlanif403]vrrp vrid 3 virtual-ip 10.40.3.100
[lsw1-Vlanif403]vrrp vrid 3 priority 120
[lsw1-Vlanif403]vrrp vrid 3 preempt-mode timer delay 60
[lsw1-Vlanif403]vrrp vrid 3 track interface GigabitEthernet 0/0/1 reduced 30
[lsw1]interface Vlanif 404
[lsw1-Vlanif404]ip add 10.40.4.1 24
[lsw1-Vlanif404]vrrp vrid 4 virtual-ip 10.40.4.100[lsw2]vlan batch 403 404
[lsw2]interface GigabitEthernet 0/0/1
[lsw2-GigabitEthernet0/0/1]port link-type trunk 
[lsw2-GigabitEthernet0/0/1]port trunk allow-pass vlan 403 404
[lsw2]interface GigabitEthernet 0/0/2
[lsw2-GigabitEthernet0/0/2]port link-type trunk 
[lsw2-GigabitEthernet0/0/2]port trunk allow-pass vlan 403 404
[lsw2]interface  Vlanif 403
[lsw2-Vlanif403]ip address 10.40.3.2 24
[lsw2-Vlanif403]vrrp vrid 3 virtual-ip 10.40.3.100
[lsw2]interface Vlanif 404
[lsw2-Vlanif404]ip address 10.40.4.2 24
[lsw2-Vlanif404]vrrp vrid 4 virtual-ip 10.40.4.100
[lsw2-Vlanif404]vrrp vrid 4 priority 120
[lsw2-Vlanif404]vrrp vrid 4 preempt-mode timer delay 60
[lsw2-Vlanif404]vrrp vrid 4 track interface GigabitEthernet 0/0/2 reduced 30

路由补充

[lsw1]ip route-static vpn-instance VRF 0.0.0.0 0 10.40.1.200
[lsw1]ip route-static vpn-instance VRF 0.0.0.0 0 10.40.2.200 preference 70[lsw1]ip route-static 192.168.0.0 16 10.40.3.200
[lsw1]ip route-static 192.168.0.0 16 10.40.4.200 preference 70[lsw2]ip route-static vpn-instance VRF 0.0.0.0 0 10.40.2.200
[lsw2]ip route-static vpn-instance VRF 0.0.0.0 0 10.40.1.200 preference 70[lsw2]ip route-static 192.168.0.0 16 10.40.4.200	
[lsw2]ip route-static 192.168.0.0 16 10.40.3.200 preference 70

核心到边界配置

lsw1

[lsw1]vlan batch 201 105
[lsw1]interface GigabitEthernet 0/0/7
[lsw1-GigabitEthernet0/0/7]port link-type access
[lsw1-GigabitEthernet0/0/7]port default vlan 105
[lsw1-GigabitEthernet0/0/7]undo stp enable [lsw1]interface GigabitEthernet 0/0/2
[lsw1-GigabitEthernet0/0/2]port trunk allow-pass vlan 12
[lsw1-GigabitEthernet0/0/2]undo stp enable [lsw1]interface Vlanif 105
[lsw1-Vlanif11]ip address 10.10.5.1 24
[lsw1]interface Vlanif 12
[lsw1-Vlanif12]ip add 10.20.1.1 24[lsw1]ospf 1 router-id 1.1.1.1
[lsw1-ospf-1]area 0
[lsw1-ospf-1-area-0.0.0.0]network 10.20.1.1 0.0.0.0
[lsw1-ospf-1-area-0.0.0.0]network 10.10.5.1 0.0.0.0

lsw2

[lsw2]vlan batch 201 206
[lsw2]interface GigabitEthernet 0/0/7
[lsw2-GigabitEthernet0/0/7]port link-type access 
[lsw2-GigabitEthernet0/0/7]port default vlan 206
[lsw2-GigabitEthernet0/0/7]undo stp enable[lsw2]interface GigabitEthernet 0/0/2
[lsw2-GigabitEthernet0/0/2]port trunk allow-pass vlan 201
[lsw2-GigabitEthernet0/0/2]undo stp enable [lsw2]interface Vlanif 201
[lsw2-Vlanif12]ip address 10.20.1.2 24
[lsw2]interface Vlanif 22
[lsw2-Vlanif22]ip address 10.20.6.2 24
[lsw2]ospf 2 router-id 2.2.2.2
[lsw2-ospf-2]area 0
[lsw2-ospf-2-area-0.0.0.0]network 10.20.6.2 0.0.0.0
[lsw2-ospf-2-area-0.0.0.0]network 10.20.1.2 0.0.0.0

R5

[R5]int g 0/0/0
[R5-GigabitEthernet0/0/0]ip address 10.10.5.5 24
[R5]int g 0/0/1
[R5-GigabitEthernet0/0/1]ip address 10.56.0.5 24
[R5]ospf 1 router-id 5.5.5.5
[R5-ospf-1]area 0
[R5-ospf-1-area-0.0.0.0]netw	
[R5-ospf-1-area-0.0.0.0]network 10.56.0.5 0.0.0.0
[R5-ospf-1-area-0.0.0.0]network 10.10.5.5 0.0.0.0
[R5]int g 0/0/2
[R5-GigabitEthernet0/0/2]ip add 12.0.0.5 24
[R5]ip route-static 0.0.0.0 0 12.0.0.100
[R5]ospf 1
[R5-ospf-1]default-route-advertise 
[R5]acl 2000
[R5-acl-basic-2000]rule permit source 192.168.0.0 0.0.255.255
[R5]int g 0/0/2
[R5-GigabitEthernet0/0/2]nat outbound 2000

R6

[R6]int g 0/0/0
[R6-GigabitEthernet0/0/0]ip address 10.20.6.6 24
[R6-GigabitEthernet0/0/0]int g 0/0/1
[R6-GigabitEthernet0/0/1]ip address 10.56.0.6 24
[R6]ospf 1 router-id 6.6.6.6
[R6-ospf-1]area 0
[R6-ospf-1-area-0.0.0.0]network 10.56.0.6 0.0.0.0
[R6-ospf-1-area-0.0.0.0]network 10.20.6.6 0.0.0.0
[R6]int g 0/0/2
[R6-GigabitEthernet0/0/2]ip address 13.0.0.6 24
[R6]ip route-static 0.0.0.0 0 13.0.0.100
[R6]ospf 1
[R6-ospf-1]default-route-advertise 
[R6]acl 2000
[R6-acl-basic-2000]rule permit source 192.168.0.0 0.0.255.255
[R6]int g 0/0/2
[R6-GigabitEthernet0/0/2]nat outbound 2000

ISP

[ISP]int g 0/0/0
[ISP-GigabitEthernet0/0/0]ip address 12.0.0.100 24
[ISP-GigabitEthernet0/0/0]int g 0/0/1
[ISP-GigabitEthernet0/0/1]ip address 13.0.0.100 24
[ISP]int LoopBack 0
[ISP-LoopBack0]ip address 100.1.1.1 24

测试
在这里插入图片描述
在这里插入图片描述

http://www.dtcms.com/wzjs/362660.html

相关文章:

  • wordpress修改主题模板广州seo公司官网
  • 服装网站建设需求分析报告优化大师卸载不了
  • 网站建设的设计思路国际最新十大新闻事件
  • 如果快速做网站西安网站排名优化培训
  • 如何加强政府网站建设和管理今日新闻大事件
  • 株洲做网站 省心磐石网络南京seo按天计费
  • 河南生产型企业网站建设深圳推广系统
  • 移动端手机网站制作国家职业技能培训学校
  • wordpress模板修改图片网站seo设计方案案例
  • 做网站吸引客户搜索网站有哪些
  • 想开网站怎样做网站优化排名易下拉霸屏
  • 设计一个网站报价互联网项目
  • 萝岗网站建设制作怎么用模板做网站
  • 记事本做网站的流程温州seo招聘
  • 品牌营销策划书百度seo网站优化 网络服务
  • 大学做网站是什么专业百度网讯科技有限公司官网
  • 广东网站建设公司排名长沙百度网站排名优化
  • 自贡做网站的公司百度识图网页版 在线
  • 怎么创建游戏软件seo门户网站建设方案
  • 浙江网站搭建百度框架户开户渠道
  • 手机怎么样做网站站长之家新网址
  • 政府找网站开发商要求王通seo
  • 樟木头网站仿做简述网站建设的基本流程
  • 做定制型网站电子商务网站推广策略
  • 网站开发论文答辩问题近期国际新闻20条
  • 营销型企业网站建设的基本原则是seo发帖网站
  • 虹口专业做网站百度app客服人工电话
  • 中英文网站英文任务放单平台
  • 如何进行网站网站调试站长是什么级别
  • 宝鸡营销型网站建设win7优化大师免安装版